Hi, Am 15.04.2014 um 22:21 schrieb Dave Taht <dave.taht@xxxxxxxxx>: >> I am would like to do traffic prioritization over a gre/ipsec tunnel that has a lot of video/voip traffic in addition to regular traffic (ftp/http... ) Is this something possible ? > > Difficult. You could for example do some sort of act_mirred thing into > multiple ifb or imq interfaces, and > apply some qos there before encapsulating them in ipsec. we, Dr. Michael Schwartzkopff and I, just talked about a similar solution this morning. Funny. Our idea: We have an incoming and an outgoing interface to a router. The router is doing IPsec. What we can do is to detect RTP with nDPI and modify the DSCP bits for VoIP. Afterwards using u32 and match the bit mask for these DSCP-bits (S5 i.e., I gues 0x28). We did not test it yet. Friday ;-) Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein -- To unsubscribe from this list: send the line "unsubscribe lartc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
